Chore: [AEA-6242] - move to new quality checks #2239

Workflow file for this run

.github/workflows/pull_request.yml at be8e547

	name: deploy_pr

	on:
	pull_request:
	branches: [main]

	permissions: {}

	jobs:
	get_config_values:
	uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
	permissions:
	attestations: read
	contents: read
	packages: read
	dependabot-auto-approve-and-merge:
	uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
	permissions:
	contents: write
	pull-requests: write
	secrets:
	AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
	AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}


	quality_checks:
	uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
	needs: [get_config_values]
	permissions:
	contents: read
	id-token: write
	packages: read
	with:
	pinned_image: "${{ needs.get_config_values.outputs.pinned_image }}"
	secrets:
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

	pr_title_format_check:
	uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
	permissions:
	pull-requests: write
	get_issue_number:
	runs-on: ubuntu-22.04
	outputs:
	issue_number: ${{steps.get_issue_number.outputs.result}}

	steps:
	- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
	name: get issue number
	id: get_issue_number
	with:
	script: \|
	if (context.issue.number) {
	// Return issue number if present
	return context.issue.number;
	} else {
	// Otherwise return issue number from commit
	return (
	await github.rest.repos.listPullRequestsAssociatedWithCommit({
	commit_sha: context.sha,
	owner: context.repo.owner,
	repo: context.repo.repo,
	})
	).data[0].number;
	}
	result-encoding: string

	tag_release:
	needs: [get_config_values]
	uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
	permissions:
	id-token: write
	contents: write
	packages: write
	with:
	dry_run: true
	pinned_image: "${{ needs.get_config_values.outputs.pinned_image }}"
	branch_name: ${{ github.event.pull_request.head.ref }}
	tag_format: ${{ needs.get_config_values.outputs.tag_format }}

	get_commit_id:
	runs-on: ubuntu-22.04
	outputs:
	commit_id: ${{ steps.commit_id.outputs.commit_id }}
	steps:
	- name: Get Commit ID
	id: commit_id
	run: \|
	echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"

	package_code:
	needs: [quality_checks, get_issue_number, get_commit_id, get_config_values]
	uses: ./.github/workflows/cdk_package_code.yml
	permissions:
	contents: read
	id-token: write
	packages: read
	with:
	pinned_image: "${{ needs.get_config_values.outputs.pinned_image }}"
	VERSION_NUMBER: ${{needs.get_issue_number.outputs.issue_number}}
	COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}

	show_dev_changes:
Check failure on line 103 in .github/workflows/pull_request.yml View workflow run for this annotation GitHub Actions / deploy_pr Invalid workflow file `The workflow is not valid. .github/workflows/pull_request.yml (Line: 103, Col: 3): Error calling workflow 'NHSDigital/eps-vpc-resources/.github/workflows/cdk_release_code.yml@c75982352f9353d97f8f523f5424bb65e9cc55b6'. The nested job 'deploy_cdk_code' is requesting 'contents: write', but is only allowed 'contents: read'.`
	needs: [quality_checks, get_issue_number, package_code, get_commit_id, get_config_values]
	uses: ./.github/workflows/cdk_release_code.yml
	permissions:
	contents: read
	id-token: write
	with:
	pinned_image: "${{ needs.get_config_values.outputs.pinned_image }}"
	TARGET_ENVIRONMENT: dev
	VERSION: ${{needs.get_issue_number.outputs.issue_number}}
	COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
	CDK_APP_NAME: VpcResourcesApp
	CDK_RESOURCE_STACK_NAME: VpcResourcesStack
	DEPLOYED_STACK_NAME: vpc-resources
	LOG_RETENTION_IN_DAYS: 30
	DEPLOY_CDK_CODE: false
	FORWARD_CSOC_LOGS: false
	secrets:
	CDK_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Chore: [AEA-6242] - move to new quality checks #2239

Workflow file

Chore: [AEA-6242] - move to new quality checks #2239

Uh oh!

Workflow file for this run

GitHub Actions / deploy_pr